On 10/7/06, Puneet Lakhina <[EMAIL PROTECTED]> wrote:
Hi, I found out that its possible to for me to restrict access to a particular action mapping to only a certain set of roles. The next thing that I found out about these roles is that this is something I can configure in my web.xml. But what I am not able to understand is how do i set a user's role once he logs in. My authentication is based on usernames and passwords in database table. So where do i set a user's role.
It depends on how you are authenticating your users. Tomcat has Realms you can configure to get the role information from a database: http://tomcat.apache.org/tomcat-5.5-doc/config/realm.html Another option is to add a Filter, wrap the request and override the isUserInRole method. -- Wendy --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
